Compliance

Compliance requires that we implement laws and regulations in accordance to their spirit as well as their letter.

Effective risk control with impactful compliance

Analyse

We draw up a list of requirements in the event of possible deficits in the protection, security, risk management and classification of data.

as-is analysis of evidence for compliance requirements
verification of the traceability of user and system activities
impact assessment of the risks of sensitive data, e.g., in the supply chain
evaluation emergency plan: Procedure in case of detection of e.g., data leakage
awareness programme and employee sensibilization

Consulting

Consulting based on the analysis. Comprehensive measures to limit the risks are developed.

conception of measures for data quality management
development and implementation of cyber defence & data protection
planning of measures such as practical tests for the emergency plan
Specific, Manageable, Actionable, Relevant, Timely – SMART metrics
employee awareness regarding user behaviours, patches, access rights^

Implementation

Implement measures to comply with data protection, privacy, corruption and antitrust regulations and other standards:

review of processes and governance structures
segmentation of data for better damage limitation
implementation of measures for better data quality management
Specific, Manageable, Actionable, Relevant, Timely – SMART metrics

Check

Control of all set goals. We ensure compliance with the relevant laws and guidelines.

results-oriented control of SMART Metrics key figures
drkpi® scoring process software delivers predictive model metrics
controlling the achievement of objectives in risk management and data security
outlook: optimization of governance and compliance

Wem nützt Compliance?

Decency, reliability, honesty and compliance with the law benefits everyone. For this reason, compliance must not be misused to shift responsibility for errors or negligence from the Management Board to the “subordinate area.”

A sense of proportion is the goal, i.e. a clear understanding of the compliance rules and their use in matters of law and the company’s value system (e.g. environment, data privacy, security and accident prevention) makes this possible.

“We used drkpi® to implement the EU’s General Data Protection Regulation or GDPR as well as the California Consumer Privacy Act or CCPA for short. As an international company in the field of medical technology, it was important to us to better protect the data and ensure its implementation in all countries. The team also made a risk assessment, made sure we had the right documents and contracts and secured the necessary documents for this work. We were very satisfied with the implementation and the results. We then used drkpi® experts as external data protection officer. We can fully recommend drkpi® in the area of compliance.”

Peter JohannFounder, Chairman & CEO Lumendi Ltd UK und Lumendi LLC, USA

“Thanks to an analysis of the current situation, drkpi® has shown us the shortcomings in terms of privacy protection, data protection and security. With the help of drkpi®’s strategy, we were able to close the gaps efficiently. We also documented the risks associated with tasks outsourced to third parties (cloud services). Thanks to the data protection monitoring process established by drkpi®, the compliance status is regularly checked. We receive very competent support from the drkpi® team for any necessary improvements”.

Arman SarhaddarCEO, ProEquity AG, Schweiz

Nothing Found

Sorry, no posts matched your criteria

Post Views: 344

This post is also available in: German